LEO

A Cyber Security Concern

Dev Overflow – Part 6

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. Back to Part 5 As the following meme suggests, if you fail to disallow arbitrary execution or even inclusion of untrusted instructions in your programs, you really are going to have a bad time that will likely cost you dearly at some point. A4 [...]

Cracking the Enigma of Reputational Risk

By: Justin Silbert In reporting on the consequences of an incident, CISOs and other security professionals should be focused on the costs of the incident. Fixed costs, both direct and indirect, associated with recovery, forensic investigation, regulatory fines, customer notifications, and legal services should be addressed first. Once there is a grasp of the fixed [...]

Seven Steps to Enforce Security From the Inside Out

By: Justin Silbert Traditional cybersecurity practitioners and almost all IT staff view their security architecture as a defense in depth strategy starting at the network perimeter. But both the threats and the environments continue to adapt every day in ways that we cannot anticipate. Today’s malware is designed to exploit zero-day vulnerabilities and continuously mutate [...]

Dev Overflow – Part 5

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. Back to Part 4 Is your application vulnerable to sensitive data exposure? To answer that question, we need to know if it is storing sensitive data. Naturally, we cannot answer the latter without knowing what those sensitive data are in a given context. A3 [...]

What the Hawaii Missile Scare Can Teach Incident Response Teams

By Seth Jaffe. Heads finally rolled over at Hawaii’s Emergency Management Agency. What can the incident response community take away from this latest real-life example? Procedures, Rules, and Communication Protocols, which are the underlying principles of a modern incident response program. I’ve written about all three in prior incident response posts, but let’s apply them [...]

Dev Overflow – Part 4

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. This post is a direct continuation of my previous post on broken authentication and session management, which was split into two parts. You might want to review Part 3 (Back to Part 3) before proceeding. A2 - Broken Authentication (Cont.) Source: an "Office Space" [...]

Security Provisions Negotiation in the Wake of the OCC Risk Report

By Seth Jaffe. The “severity of cyber threats is increasing.” It’s something most of us inherently understand, but now we have the Department of the Treasury’s Office of the Comptroller of the Currency (“OCC”) weighing in with its Fall Risk Report for banks and savings associations. The OCC has been sounding the alarm for years [...]

The Hidden Benefit of Security Conferences

By Torry Crass. I've been going to security conferences for a while now, a bunch of them; BlackHat, DefCon, RSA, and a smattering of BSides and various other conferences in my area. Sometimes I present, others I volunteer at, and the rest I'm simply an attendee. Conferences are a great resource in the security community [...]

Dev Overflow – Part 3

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. Back to Part 2 Restating the main point of this entire blog series, security is about a human's way of thinking and a human's frame of mind - not about steel doors, firewalls, intrusion prevention, or intrusion detection systems. Although those tools will certainly help detect and mitigate [...]

Proposed Data Breach Prevention and Compensation Act of 2018

In what appears to be a direct response to last year’s Equifax Breach, Senators Elizabeth Warren and Mark Warner introduced, this week, the Data Breach Prevention and Compensation Act, directly targeting large Credit Reporting Agencies (“CRAs”) like Equifax, Experian, and TransUnion. The Act comes with quite a sting, allowing for fines of up to 75% [...]

SWIFT Security Controls Framework Advisory Controls

By Seth Jaffe. Our prior article on compliance with the SWIFT Security Controls Framework focused on those controls designated mandatory by the Society for Worldwide Interbank Financial Telecommunication. But SWIFT included, in its framework, eleven advisory controls that are worth mentioning. They are: Implement confidentiality, integrity, and mutual authentication mechanisms to protect back office data [...]

Why Your Incident Response Plan Needs Rules

By Seth Jaffe. Over the holidays, we dusted off some board games for a little family fun. One of the things that struck me was the frequency with which players consulted the game rules. The more complicated the game, of course, the more folks scoured the rule guide. This got me thinking about incident response, [...]